selinux-policy/policy/modules/services/mojomojo.if
2010-08-02 09:28:06 -04:00

41 lines
1.1 KiB
Plaintext

## <summary>MojoMojo Wiki</summary>
########################################
## <summary>
## All of the rules required to administrate
## an mojomojo environment
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <param name="role">
## <summary>
## Role allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mojomojo_admin',`
gen_require(`
type httpd_mojomojo_script_t;
type httpd_mojomojo_content_t, httpd_mojomojo_ra_content_t;
type httpd_mojomojo_rw_content_t;
type httpd_mojomojo_script_exec_t, httpd_mojomojo_htaccess_t;
')
allow $1 httpd_mojomojo_script_t:process { ptrace signal_perms };
ps_process_pattern($1, httpd_mojomojo_script_t)
files_search_var_lib(httpd_mojomojo_script_t)
apache_search_sys_content($1)
admin_pattern($1, httpd_mojomojo_script_exec_t)
admin_pattern($1, httpd_mojomojo_script_t)
admin_pattern($1, httpd_mojomojo_content_t)
admin_pattern($1, httpd_mojomojo_htaccess_t)
admin_pattern($1, httpd_mojomojo_rw_content_t)
admin_pattern($1, httpd_mojomojo_ra_content_t)
')